Archive for September, 2021

Cyber-bullied Footballer Donates Compensation to Charity

A Kittitian soccer player has made a charitable donation of the compensation he received after being racially abused on social media. 



Midfielder Romaine Sawyers, who is currently on loan at Stoke City Football Club from his parent club, West Bromwich Albion, was victimized by 50-year-old cyber-bully Simon Silwood of Kingswinford, West Midlands.



Silwood was arrested after posting a comment on a Facebook group in January 2021 that said that Sawyers should be awarded the “Baboon D’Or.” 



The comment was a racist pun based on the Ballon d’Or or Golden Boot, which is an annual award given to the world’s best footballer. 



Sawyers told Walsall Magistrates’ Court that reading Silwood’s comment had caused him to feel “harassed, alarmed and distressed.”



In a statement released earlier today, Sawyers said: “This is an incident that has affected me deeply, but I would like to encourage fellow players to report all racial abuse to the police.” 



Silwood claimed that he had written the word “buffoon” and autocorrect had changed it to “baboon,” but he was convicted of sending an offensive message under the Communications Act in a trial that ended on September 9.



Earlier today, a judge at Birmingham Magistrates’ Court sentenced Silwood to eight weeks in prison and ordered him to pay a £128 victim surcharge and a total of £1,000 in costs and compensation.



The judge told the court: “There is no place for racial abuse.”



Sawyers stated today that he has donated the compensation to a local West Midlands charity. He explained: “It is important to me to turn this negative experience into something positive.”



The 29-year-old footballer thanked the fan who came forward and reported the abuse and expressed his gratitude to the police who investigated the matter. 



Sawyers then called on social media companies to make a greater effort to keep racist abuse off their platforms. 



“It is widely accepted that social media companies must do more to stop the publication of racism on their platforms,” said Sawyers. “I again urge them to take the necessary action required to prevent anyone from receiving the abuse I experienced.”



West Bromwich Albion – the team supported by Silwood – have banned the convicted criminal from attending matches for the rest of his life.



Source: Infosecurity

You're Going to Be the Victim of a Ransomware Attack

That’s not admitting defeat. It’s preparing for success.
Source: DarkReading

The New Security Basics: 10 Most Common Defensive Actions

Companies now commonly collect security metrics from their software development life cycle, implement basic security measures, and define their obligations to protect user data as part of a basic security strategy.
Source: DarkReading

5 Ways to Become a Better Cyber-Threat Exterminator

Tactical threat intelligence feeds directly into security operations and helps tighten existing security controls and improve incident response times.
Source: DarkReading

Vulnerability Exposes iPhone Users to Payment Fraud

Many iPhone users are vulnerable to payment fraud due to vulnerabilities in Apple Pay and Visa, according to new research from the University of Birmingham and the University of Surrey.


The experts revealed they could bypass an iPhone’s Apple Pay lock screen to perform contactless payments when the Visa card is set up in ‘Express Transit mode’ in an iPhone’s wallet. Transit mode allows users to make a quick contactless mobile payment without fingerprint or facial recognition authentication, for example, at an underground station turnstile.


The team used simple radio equipment to uncover a unique code broadcast by the transit gates, or turnstiles, which unlocks Apple Pay. This code, dubbed ‘magic bytes,’ was used to interfere with the signals going between the iPhone and a shop card reader. The researchers could then trick the iPhone into believing it was interacting with a transit gate rather than a shop card reader by broadcasting the magic bytes and changing other fields in the protocol.


Therefore, this weakness could potentially be exploited by hackers to make transactions from an iPhone inside someone’s bag without their knowledge.


The technique even enabled the experts to bypass the contactless limit, enabling any amount to be taken without the iPhone user’s knowledge. This is because the shop reader believed the iPhone had successfully completed its user authorization.


The researchers emphasized that the vulnerability only applies to Apple Pay and Visa systems working together and does not affect other combinations, such as Mastercard in iPhones.


Dr Andreea Radu, lecturer at the School of Computer Science, University of Birmingham, commented: “Our work shows a clear example of a feature, meant to incrementally make life easier, backfiring and negatively impacting security, with potentially serious financial consequences for users.


“Our discussions with Apple and Visa revealed that when two industry parties each have partial blame, neither are willing to accept responsibility and implement a fix, leaving users vulnerable indefinitely.”


Co-author Dr Tom Chothia, also from the School of Computer Science at the University of Birmingham, added: “iPhone owners should check if they have a Visa card set up for transit payments, and if so they should disable it. There is no need for Apple Pay users to be in danger but until Apple or Visa fix this they are.”


Responding to the findings, Brian Higgins, security specialist at Comparitech, said Apple Pay and Visa users should consider switching service providers. “This kind of exploit is reminiscent of war-driving near-field-communication antenna data from contactless payment cards when they first became popular. Back then, it was almost impossible to attribute the raw data to an individual cardholder, so nobody was all that bothered.


“Now it’s possible to extract payments immediately with the right kind of equipment, it’s rather unfortunate that neither Apple nor Visa are particularly bothered by the threat to their paying customers and, as is so often the case, it is left to the individual consumer to protect themselves. The research identifies plenty of service providers who have redundancies already built in to prevent this crime. The best advice would be to switch to one of those as soon as you can.”



Source: Infosecurity

Cyber Second Only to Climate Change as Biggest Global Risk

Cybersecurity has been ranked as the second biggest global risk in a major new survey of 23,000 experts and members of the public.



The AXA Future Risks Report was produced in partnership with the IPSOS research institute and geopolitical analysis consultancy Eurasia Group. Its findings were compiled from interviews with over 3400 experts in underwriting and risk management, plus a survey of 19,000 members of the public.



Cyber came second only to climate change on the global stage but was rated a number one risk in the Americas and second in Asia, Africa and Europe.



The percentage of experts ranking it among their top five risks increased significantly from 51% last year to 61% in 2021, with only a quarter (26%) believing that governments are prepared for cybersecurity risks — a figure unchanged since 2019.



When asked why they elevated the risk level for cyber, experts pointed to the “shutdown of essential services and critical infrastructure” (47%) and “cyber extortion and ransomware” (21%) as key factors.



Interestingly, the report found that public awareness of these threats is less acute and more focused on identity theft and privacy issues.



AXA predicted the number of “significant cyber incidents” in 2021 would hit an all-time high of 144, versus just 26 a decade ago and only one back in 2003. However, it was unclear what qualified as “significant.”



The report argued that the surge in serious events has increased the urgency to “clarify the roles of the state and insurers in helping to secure vital economic functions.” It added that greater public-private cooperation was needed to improve protections for essential public services.



The prospect of established global rules to govern cyberspace is as distant as ever, AXA claimed.



“Ideally, a mix of punitive actions and diplomacy would establish norms for governments to keep cyber-espionage within limits, and not tolerate ransomware gangs operating from their territory,” it argued.



“Espionage will likely continue, since states have strong incentives to try to gain surreptitious access to their adversaries’ networks and a growing market in hacking-for-hire services is bringing advanced hacking tools into the reach of more state actors.”



In the future, insurers, governments and multi-national organizations must work together more closely to define what constitutes cyber-related acts of war, the report concluded. It pointed out that this is because it gets increasingly difficult to differentiate and categorize various incidents.



Insurers traditionally don’t cover acts of war, which has led to expensive lawsuits in the past over these definitions.



In a World Economic Forum (WEF) report, cyber-attacks fell from second to fourth between 2019 and 2020 in terms of top global business risks. However, they were ranked first in North America and the UK and second in Europe.


Source: Infosecurity

API Flaw Exposes Elastic Stack Users to Data Theft and DoS

Security researchers have disclosed a serious and wide-ranging API vulnerability stemming from the incorrect implementation of Elastic Stack, which could create serious business risk for customers.



Elastic Stack is a popular collection of open source search, analytics and data aggregation products, including Elasticsearch.



Salt Security claimed that nearly every provider customer is affected by the vulnerability — which relates to design implementation flaws rather than a bug in Elastic Stack code itself.



Its Salt Labs team first identified the issue in a large online B2C platform providing API-based mobile applications and SaaS offerings to millions of global users.



“The APIs contained a design flaw, and Elastic Stack was configured with implicit trust of front-end services by back-end services. As a result, we were able to query for unauthorized customer and system data,” Salt Labs said in a blog post.



“We were further able to demonstrate additional flaws that took advantage of this Elastic Stack design weakness to create a cascade of API threats, many of which correspond indirectly to items described in the OWASP API Security Top 10.”



These include excessive data exposure, security misconfiguration, exposure to injection attacks due to lack of input filtering, and lack of resources and rate limits.



Salt Labs said the data it could access from the B2C firm via exploitation of the flaw included customer account numbers and GDPR-regulated information.



The injection attacks made possible by the vulnerability could enable threat actors to launch DoS attacks, as well as data theft, it claimed.


“Our latest API security research underscores how prevalent and potentially dangerous API vulnerabilities are. Elastic Stack is widely used and secure, but Salt Labs observed the same architectural design mistakes in almost every environment that uses it,” said Roey Eliyahu, co-founder and CEO of Salt Security.



“The Elastic Stack API vulnerability can lead to the exposure of sensitive data that can be used to perpetuate serious fraud and abuse, creating substantial business risk.”



According to recent research from the company, global API attacks have soared by 348% in the past six months.


Source: Infosecurity

Cybersecurity CEO Arrested in Russia on Treason Charges

Group-IB boss faces 20-year jail term if found guilty



Ilya Sachkov, the outspoken CEO of Russian cybersecurity firm Group-IB, has been arrested on state treason charges.



Moscow’s Lefortovo court ordered the 35-year-old, who is said to spend most of his time at the company’s headquarters in Singapore, to be held in custody for two months.



During this time, the firm’s leadership will pass to co-founder Dmitry Volkov, according to a brief statement from Group-IB.



The security firm claimed operations would continue as usual while its lawyers digest the court’s statement.



“Group-IB’s team is confident in the innocence of the company’s CEO and his business integrity,” it said. “Group-IB’s communications team refrains from commenting on the charges brought and the circumstances of the criminal case due to the ongoing procedural activities.”



Yesterday, the firm also revealed that police had searched its Moscow office on Tuesday.



“Law enforcement officers left Group-IB’s office at night the same day. Group-IB’s communications team also said that the reason for the search was not yet clear, but noted that all the company’s offices around the world continued providing support to customers and partners as usual,” it explained.



Reports suggest Sachkov, who President Putin has awarded for his cybersecurity work in the past, was arrested on suspicion of conspiring with foreign intelligence services. Such charges are said to carry a sentence of 20 years behind bars.



However, the real reason is unclear. The prominent Russian businessman joins a long list of journalists, military personnel, government officials, scientists and others accused of treason in recent years.



He has been blunt in the past about Russia’s harboring of cyber-criminals within its borders — an issue taken up with enthusiasm by the Biden administration.


Source: Infosecurity

SecZetta Announces $20.5M Series B Funding

Oversubscribed round led by SYN Ventures, with participation from MassMutual Ventures and existing investors ClearSky and Rally Ventures.
Source: DarkReading

Shades of SolarWinds Attack Malware Found in New 'Tomiris' Backdoor

Malware contains similarities that suggest a possible link to malware that Russia’s DarkHalo group used in its massive supply chain attack, researchers say.
Source: DarkReading